07877 388 400 care@poseidon-gp.com

DATA POLICY

When Poseidon Care processes your personal data, it is required to comply with the Data Protection Act 2018 (“DPA”) and the UK GDPR (the DPA and UK GDPR are together referred to as the “Data Protection Legislation”). Poseidon Care may collect different types of personal data directly from or about you depending on the activities or services we are offering and that you are taking part in or using.

This can include your name, address, telephone number, email, date of birth, data relating to your personal and caring situations, religion, medical and immigration checks data (if pertinent to the activities or services). We may also process your personal data to respond to any queries or comments you submit to us and to correspond with you on a day-to-day basis. You may provide us with any or all of this data online, at an event, on paper or over the phone through a job application form, a sign-up form (if requesting information or asking to be put on a mailing list), or by registering for and/or attending an event.

Everything we do with your personal data counts as processing it – including collecting, storing, amending, transferring, and deleting it. We are, therefore, required to comply with the Data Protection Legislation to make sure that your information is properly protected and used appropriately.

This privacy policy provides information about the personal data we process, why we process it and how we process it.

What personal data do we process about you?

We may need personal data from you to be able to provide services to you, to meet our legal obligations, to enter into a contract with you and/or to provide you with all the information you need. If we do not receive the personal data from you, we may be unable to fulfil our obligations to you.

We process most of your information on the grounds of consent from you, legitimate interests (such as a business relationship with you or the company for which you work and fulfilment of our contract with you (where you are an individual), to determine whether or not we have a suitable vacancy for you, protection of the vital interests of a Data Subject or, in the case of special categories of data, processing for the provision of health or social care or treatment or the management of health or social care systems or services.

The Organisation will require written consent from the subject individual in order for personal data to be collected and processed. In this respect it will be taken that consent is implied through the following:

  • Service Users – by the service user accepting the Contract for Care, which is signed by the service user or authorized representative. In order for the Organisation to develop an appropriate Plan of Care personal details must be divulged and kept on record.
  • Employees – by completing the Job Application Form at onset of employment, and where the employee has not registered an objection to their data being used.

If we obtain consent from you to the processing of your personal data, you can withdraw your consent at any time. This will not affect the lawfulness of any processing we carried out prior to you withdrawing your consent.

More information about the personal data we process is set out below:

[Service Users]

[Personal data that we may process about you (depending on the extent of the information you have provided to us) includes:

  • Identity data such as your first name, middle names, last name, marital status, title, date of birth and gender
  • Contact data such as your address, email address and telephone numbers
  • Financial data including your bank account and payment card details
  • Special categories of data including information about your medical background and health and diversity/equality
  • Information such as your race and ethnicity 

[Candidates]

[Personal data that we are likely to process about you includes:

  • Identity data such as your first name, middle names, last name, marital status, title, date of birth and gender
  • Contact data such as your postal address, email address and telephone numbers
  • Background data such as your education, career background and work experience
  • Medical and immigration checks data (if pertinent to the activities or services)
  • Personal information such as your skills and qualities
  • Any other information that you include on any CV, application form or covering letter you send to

If this information includes special categories of data we will process that information on the grounds of consent as explained above, because you have chosen to provide it to us.

Who will receive your personal data?

We only transfer your personal data to the extent we need to. Recipients of your personal data may include:

  • Company Officers
  • Service Affiliates

who are all required to comply with the Data Protection Act 2018 and the International GDPR.

We do not transfer your personal data outside of the EEA.

How long will we keep your personal data?

[Candidates]

We will retain your personal data for the period of your employment with us and for 1 year from the date on which your employment ends. We may need to retain some documents for other purposes (for example, to comply with legislation on preventing illegal working) and for longer periods of time.

The advised retention period for application forms and interview notes for unsuccessful applicants is one year. Unsuccessful candidates may submit discrimination claims within six months; however this time limit has been known to be extended to one year.

[Service Users]

Service users’ records are kept for a period of 3 years after termination / completion of the Contract for Care. These records will be kept in a secure location at the Organisation’s offices and in such manner as to prevent deterioration or spoilage.

We must ensure we meet any legal requirements set for record keeping. Your information will be kept securely at all times.

Following the end of the relevant retention period, your files and the personal data covered by the retention period will be permanently deleted or destroyed. 

What are your rights?

You benefit from a number of rights in respect of the personal data we hold about you. We have summarised the rights which may be available to you below, depending on the grounds on which we process your data. More information is available from the Information Commissioner’s Office website (https://ico.org.uk/for-organisations/guide- to-the-general-data-protection-regulation-gdpr/individual-rights/). These rights apply for the period in which we process your data.

Access to your data

You have the right to ask us to confirm that we process your personal data, as well as having the right to request access to/copies of your personal data. You can also ask us to provide a range of information, although most of that information corresponds to the information set out in this privacy policy.

We will provide the information free of charge unless your request is manifestly unfounded or excessive or repetitive, in which case we are entitled to charge a reasonable fee. We may also charge you if you request more than one copy of the same information.

We will provide the information you request as soon as possible and in any event within one month of receiving your request. If we need more information to comply with your request, we will let you know.

Rectification of your data

If you believe personal data we hold about you is inaccurate or incomplete, you can ask us to rectify that information. We will comply with your request within one month of receiving it unless we do not feel it is appropriate, in which case we will let you know why. We will also let you know if we need more time to comply with your request.

Right to be forgotten

In some circumstances, you have the right to ask us to delete personal data we hold about you. This right is available to you:

  • Where we no longer need your personal data for the purpose for which we collected it
  • Where we have collected your personal data on the grounds of consent and you withdraw that consent
  • Where you object to the processing and we do not have any overriding legitimate interests to continue processing the data
  • Where we have unlawfully processed your personal data (i.e. we have failed to comply with UK GDPR); and
  • Where the personal data has to be deleted to comply with a legal obligation

There are certain scenarios in which we are entitled to refuse to comply with a request. If any of those apply, we will let you know.

Right to restrict processing

In some circumstances, you are entitled to ask us to suppress processing of your personal data. This means we will stop actively processing your personal data but we do not have to delete it. This right is available to you:

  • If you believe the personal data we hold is not accurate – we will cease processing it until we can verify its accuracy
  • If you have objected to us processing the data – we will cease processing it until we have determined whether our legitimate interests override your objection
  • If the processing is unlawful; or
  • If we no longer need the data but you would like us to keep it because you need it to establish, exercise or defend a legal claim 

Data portability

You have the right to ask us to provide your personal data in a structured, commonly used and machine-readable format so that you are able to transmit the personal data to another data controller. This right only applies to personal data you provide to us:

  • Where processing is based on your consent or for performance of a contract (i.e. the right does not apply if we process your personal data on the grounds of legitimate interests); and
  • Where we carry out the processing by automated means

We will respond to your request as soon as possible and in any event within one month from the date we receive it. If we need more time, we will let you know.

Use of Personal Devices (BYOD) and Data Protection
As part of our commitment to protecting personal data and ensuring compliance with the General Data Protection Regulation (GDPR), our organization allows employees to use their personal devices, such as smartphones, tablets, and laptops, for work purposes. This practice is governed by our Bring Your Own Device (BYOD) policy, which is designed to ensure the security and privacy of all personal data processed on such devices.

1. Scope of the BYOD Policy

Our BYOD policy applies to all employees, contractors, and third-party service providers who access company data and systems using personal devices. This policy ensures that all devices used for work purposes are subject to the same data protection and security standards as company-owned devices.

2. Data Security Measures

To safeguard the confidentiality, integrity, and availability of personal data processed on personal devices, we implement the following measures:

  • Device Encryption: All personal devices used for work must have encryption enabled to protect stored and transmitted data.
  • Strong Authentication: Devices must be protected with strong passwords, and access to work systems requires multi-factor authentication.
  • Regular Updates: Employees are required to ensure that their devices are up-to-date with the latest security patches and software updates.
  • Remote Wipe Capability: In the event of device loss, theft, or an employee’s departure, we reserve the right to remotely wipe work-related data from the device to prevent unauthorized access.

3. Data Minimization and Access Controls

In accordance with the GDPR’s data minimization principle, only the minimum amount of personal data necessary for work purposes will be processed on personal devices. Access to sensitive data and systems is restricted based on job role and responsibility, and personal devices will only be allowed to access approved systems and applications.

4. Monitoring and Auditing

To ensure compliance with our BYOD policy, we may periodically monitor the use of personal devices that access our data or systems. Monitoring will be done in a way that respects the privacy of employees while ensuring that security standards are maintained. Regular audits may also be conducted to assess compliance with security requirements.

5. Reporting and Incident Management

In the event of a data breach or suspected security incident involving a personal device, employees must immediately report the incident to our Data Protection Officer (DPO). We follow a strict protocol for investigating, mitigating, and notifying any data breaches in line with GDPR requirements, including notifying affected individuals and the relevant supervisory authority if necessary.

6. Termination and Device Disposal

When an employee leaves the company or ceases to use their personal device for work purposes, all company data must be removed from the device. This may include the deletion of work-related applications and files, or, if necessary, the remote wiping of the device to ensure that no sensitive data remains.

7. Employee Responsibilities

Employees are responsible for the following:

Keeping their personal devices secure and in compliance with the BYOD policy.
Reporting any loss or breach of the device immediately.
Ensuring that personal data processed on the device is handled in accordance with our data protection policies and GDPR requirements.

Right to object

You are entitled to object to us processing your personal data:

  • If the processing is based on legitimate interests or performance of a task in the public interest or exercise of official authority
  • For direct marketing purposes (including profiling); and/or
  • For the purposes of scientific or historical research and statistics

In order to object, you must have grounds for doing so based on your particular situation. We will stop processing your data unless we can demonstrate that there are compelling, legitimate grounds which override your interests, rights and freedoms or the processing is for the establishment, exercise or defence of legal claims.

Automated decision making

Automated decision making means making a decision solely by automated means without any human involvement. This would include, for example, an online credit reference check that makes a decision based on information you input without any human involvement. It would also include the use of an automated clocking-in system that automatically issues a warning if a person is late a certain number of times (without any input from HR, for example).

We do not carry out any automated decision making using your personal data.

Your right to complain about our processing

If you think we have processed your personal data unlawfully or that we have not complied with UK GDPR, you can report your concerns to the supervisory authority in your jurisdiction. The supervisory authority in the UK is the Information Commissioner’s Office (“ICO”). You can call the ICO on 0303 123 1113 or get in touch via other means, as set out on the ICO website: https://ico.org.uk/concerns/.

Any questions?

If you have any questions or would like more information about the ways in which we process your data, please contact [Mina Kovacevic/Head of Data Management/mk@poseidonhumancapital.com].

 

Note: All Poseidon Care Policies are reviewed annually, more frequently, or as necessary

 

 

Privacy Overview

This website is owned by Poseidon Group

Contact details:
Address of registered office: Hurlingham Studios, Ranelagh Gardens, London SW6 3PA, United Kingdom
Telephone: +44 (0) 20 7349 9966
Email: info@poseidon-gp.com

General terms and conditions

We are aware of the fact that you have trust in us, which is why we believe it is our responsibility to protect your privacy. On this page we inform you what data we collect when you use our website, why we collect that data and how we use it to enhance your user experience, allowing you to see exactly how we work.

This privacy policy is applicable to the services offered by Poseidon Group. Please be aware that Poseidon Group is not liable for the privacy policies of other websites and sources. By accessing and using this website you are indicating and declaring that you explicitly consent to the following general terms and conditions.

Poseidon Group respects the privacy of all its website’s users and ensures that the personal information you provide to us is treated confidentially.

Intellectual property rights

The content of this website, including the brands, logos, drawings, product or company names, texts, images, etc, are protected by intellectual property rights and belong to Poseidon Group or to rightful third parties.

Limitation of liability

The information contained in this website is of a general nature. This information is not adapted to personal or specific circumstances, so cannot be deemed to be personal, professional or legal advice for the user.

Poseidon Group makes every effort to ensure that the information made available is complete, correct, accurate and updated. Despite these efforts, errors can occur in the information made available. Should the provided information contain errors or if certain information is unavailable on this site or through this site, Poseidon Group shall make every effort to rectify the situation.

Poseidon Group can however not be held liable for direct or indirect damage resulting from the use of the information available on this site.

Should you find inaccuracies in the information available through this website, you can contact us at any time at info@poseidon-gp.com.

The content of this website (including the links) can be updated, amended or supplemented at any time without prior notice. Poseidon Group does not guarantee that the website shall function properly and can in no sense be held liable for its poor functioning or the temporary (un)availability of the website or for any form of damage, whether direct or indirect, arising from accessing or using the website.

Links to other websites

Poseidon Group can under no circumstances be held liable towards any party, whether in a direct, indirect, special or other manner, for damage attributable to the use of this website or of any other site, in particular through links or hyperlinks, including, without limitation, any loss of, work interruption or damage to software or other data on the computer system or to the hardware, software or other property of the user.

The website may contain hyperlinks to websites or third-party pages, or refer to these indirectly. The inclusion of links to these websites or pages does not in any way imply an implicit approval of their content.

Poseidon Group expressly declares that it has no control over the content of or over other characteristics of these websites and can under no circumstances be held liable for the content or the characteristics thereof or for any other form of damage caused by the use thereof.

Site access denial

We reserve the right to unilaterally deny access to the entire website or a part thereof to any natural person or legal entity:

  • that contravenes these terms and conditions of use
  • that damages the good reputation of this website in any manner
  • that infringes upon the intellectual rights of third parties
  • that uses the website for illegal purposes

We moreover reserve the right to press charges against those parties.

Availability of the site

Although we endeavour to make the Poseidon Group website available 7 days a week and 24 hours a day, we reserve the right to interrupt access to the website at any time and without prior notice for technical or other reasons. We likewise reserve the right to terminate our services, without us being able to be held liable for these interruptions or the possible consequences thereof for you or for a third party.

Changes

This privacy declaration is intended for the use of the website and the options available thereupon. Any amendments and/or changes to this website could lead to changes in this privacy declaration. We consequently recommend that you consult this privacy declaration on a regular basis.

Applicable law and competent courts

Belgian law is applicable to this website. In the event of any disputes, the courts of the court district of Brussels have sole jurisdiction.

Privacy policy

https://leskovac.capitolpark.rs/privacy-policy/

Social networks

We cooperate with a number of social networks. When you are using this service your browser will automatically connect to the respective social network and transmit your IP address and other information such as cookies, if you have visited the respective platform before. As far as possible, we avoid this kind of data transfer until you interact directly with one of these platforms. By clicking on the corresponding symbol (e.g. the Twitter logo) you indicate that you want to communicate with the platform you have selected (in this case Twitter) and agree that information about you, such as your IP address, is transmitted to this social network.

Our website uses www.facebook.com, a service operated by Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. The plug-ins appear in the form of a specific symbol or are indicated by the addition.

The plug-in establishes a direct connection between your browser and the servers of Facebook. We have no influence whatsoever on the type and extent of the data the plug-in transfers to the Facebook servers.

The plug-in informs Facebook that you have visited our website as a user. During this process your IP address may be stored. If you are logged in to your Facebook account while you are visiting our website, the information mentioned above is linked to your account. If you use the function of the plug-in, the respective information will also be transmitted to Facebook.

If you want to prevent Facebook from linking these data to your Facebook account, please log out from Facebook before visiting our website. You can find out more about the purpose and scope, and about how Facebook processes and uses the data, as well as your rights and the possible settings to protect your privacy in Facebook’s privacy notice by following this link: facebook.com/about/privacy.

Our website uses www.linkedIn.com, a service operated by LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland. The plug-ins appear in the form of a specific symbol or are indicated by the addition: We log usage data when you visit websites that use our plug-ins or place cookies, or when you log in to services of third parties with your LinkedIn account.

The plug-in establishes a direct connection between your browser and the servers of LinkedIn. We have no influence whatsoever on the type and extent of the data the plug-in transfers to the servers of LinkedIn.

The plug-in informs LinkedIn that you have visited our website as a user. During this process your IP address may be stored. If you are logged in to your LinkedIn account while you are visiting our website, or if you log in to our services with your LinkedIn account credentials, the information mentioned above is linked to your LinkedIn account.

You can find out more about the purpose and scope, and about how LinkedIn processes and uses the data, as well as your rights and the possible settings to protect your privacy in LinkedIn’s privacy notice by following this link: www.linkedin.com/legal/privacy-policy?trk=uno-reg-guest-home-privacy-policy.

Our website uses https://accounts.google.com, a service operated by Google LLC („Google“), Amphitheater Parkway, Mountain View, CA 94043, USA. The plug-ins appear in the form of a specific symbol or are indicated by the addition.

The plug-in establishes a direct connection between your browser and the servers of Google. We have no influence whatsoever on the type and extent of the data the plug-in transfers to the servers of Google.

The plug-in informs Google that you have visited our website as a user. During this process your IP address may be stored. You can find out more about the purpose and scope, and about how Google processes and uses the data, as well as your rights and the possible settings to protect your privacy in Google’s privacy notice by following this link: policies.google.com/privacy.

Google Analytics, Google Ad Words and Re-Targeting

The websites of Poseidon Group use Google AnalyticsGoogle Ad Words and Re-Targeting, which are web analytics services of Google Inc. („Google“), 1600 Amphitheater Pkwy, Mountain View, CA 94043, USA.

Google Analytics uses „cookies“, which are text files that are stored on your device and that allow an analysis of how you are using the websites.

Google Ad Words uses „cookies“, which are text files that facilitate Conversion Tracking and Remarketing Codes. If you click on an advertisement placed by Google, Google Ad Words stores a cookie for the Conversion Tracking.
Re-Targeting is process that involves third-party companies. The service provided by Poseidon Group also uses Re-Targeting software. This technology allows to present advertisements to a user also on other websites visited by that user. In this way the user can be provided with advertisements that are based on his or her interests.

Information about your use of these websites (incl. your IP address) collected by cookies will usually be transmitted and stored on a Google server in the USA. However, if IP anonymisation is activated on the websites, Google will truncate your IP address within the Member States of the European Union or in other states which are parties to the Agreement on the European Economic Area. Only in exceptional cases, the full-length IP address is transmitted to a Google server in the USA and is truncated there. Google uses this information on behalf of the provider of this website to evaluate how you are using the websites, to compile reports on website activities and to provide further services connected to the website use and the Internet use to the party operating this web site. Google does not link the IP address transmitted by your browser when you are using sites that use Google Analytics, Google AdWords and Re-Targeting to other data. You can prevent these cookies from being stored by making the respective setting in your browser software, however, please note that in this case you may not be able to use the full functionality of the Poseidon Group websites. The Poseidon Group websites also use the Analytics Function UserID in order to better understand interactions by analysing the data. In addition, this user ID is anonymised and encrypted and is not combined or linked with other data.

Google uses this information to evaluate how our websites is being used, to compile reports on website activities and to provide to us further services connected to the website use and the Internet use to the provider of the web site. Our legitimate interest in the data processing in accordance with Article 6(1)(f) GDPR lies in these purposes laid out above. Google does not link the IP address transmitted by your browser when you are using sites that use Google Analytics, Google AdWords and Re-Targeting to other data.

You can deactivate Google Display Ads and change the display behavior in the Google Display Network in the display settings that can be opened by following this link: www.google.rs/settings/ads.

You can prevent Google from collecting and processing the data generated by the cookie and related to your use of our website (including your IP address) by downloading and installing the browser add-on available under the following link: Alternatively, by clicking on this link you can prevent Google from collecting data about you on this website. In order for you to use this option your browser must allow cookies to be stored. If you delete your cookie files regularly, you must click on this link every time you visit this website. Under the links below you can find more information about how Google uses data: policies.google.com/privacy/partners?hl=en and https://support.google.com/analytics/answer/6004245?hl=en.

How we use the collected data

Use of our services

When you apply for one of our services we ask you to provide your personal data. This data is used for the purposes of performing the service. The data is stored on Poseidon Group secured servers or on those belonging to a third party. We shall not combine this data with other personal data that we have access to.

Communication

When you send an email or other message to us, we could retain it. Sometimes we request personal data that is relevant to the situation concerned so that we are able to process your questions and respond to your requests. The data is stored on Poseidon Group’s secured servers or on those belonging to a third party. We shall not combine this data with other personal data that we have access to.

Purposes

We require your personal data:

  • to respond to your request
  • to send you newsletters,
  • to keep you informed of our activities and updates,
  • for advertising and marketing purposes.

We do not collect or use data for purposes other than those purposes stated (and to which you have consented) in this privacy policy, unless we have obtained consent in advance.

Protecting your personal data

Your other personal data is not encrypted for transmission, but we have effected privacy policy measures in order to protect your personal data that falls under our control against:

  • access to or changes made by unauthorized parties,
  • improper use or publication,
  • unlawful destruction or accidental loss.

Our staff that have access to your personal data are obliged to respect the confidential nature of the data.

We consider your personal data to be confidential information that we will never provide to third parties.

Third parties

The information is not provided to third parties. In some cases, the data you provide can be transmitted to others within the company. Our staff are obliged to respect the confidentiality of your data.

Available options for personal data

We offer all visitors to our website the option to access, change or delete all personal data provided to us at that time.

Changing/unsubscribing from the newsletter service

At the bottom of every newsletter there is the option to change your information or to unsubscribe.

Changing/unsubscribing from communications

If you wish to change your data or remove yourself from our files, please contact us. See the above contact details.

Cookies

We collect cookies for research purposes so that we develop a better understanding of our clientele and tailor our services accordingly. This website uses cookies (small text files stored on your computer) so that the website can analyze how the site is used by visitors.
The information generated by the cookie on how you use the website can be sent to Poseidon Group’s secured servers or those of a third party. We use this information to monitor how the website is used, to compile reports on website activity and to offer other services in respect of website activity and internet usage.

Further information is available in our cookie policy.

Switching off cookies

Most browsers are set to standardly accept cookies, but you can reset your browser to refuse cookies or to inform you when a cookie is sent. However, when you switch off cookies in your browser, some functions and services could no longer work properly, both on our website and on other websites.